diff --git a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
index 27981ff1b9..03e385d5c0 100644
--- a/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
+++ b/src/main/java/com/amazon/dlic/auth/http/jwt/HTTPJwtAuthenticator.java
@@ -58,9 +58,6 @@ public HTTPJwtAuthenticator(final Settings settings, final Path configPath) {
         super();
 
         String signingKey = settings.get("signing_key");
-
-        JwtParserBuilder jwtParserBuilder = KeyUtils.createJwtParserBuilderFromSigningKey(signingKey, log);
-
         jwtUrlParameter = settings.get("jwt_url_parameter");
         jwtHeaderName = settings.get("jwt_header", HttpHeaders.AUTHORIZATION);
         isDefaultAuthHeader = HttpHeaders.AUTHORIZATION.equalsIgnoreCase(jwtHeaderName);
@@ -69,18 +66,19 @@ public HTTPJwtAuthenticator(final Settings settings, final Path configPath) {
         requireAudience = settings.get("required_audience");
         requireIssuer = settings.get("required_issuer");
 
-        if (requireAudience != null) {
-            jwtParserBuilder = jwtParserBuilder.require("aud", requireAudience);
-        }
+        JwtParserBuilder jwtParserBuilder = KeyUtils.createJwtParserBuilderFromSigningKey(signingKey, log);
+        if (jwtParserBuilder == null) {
+            jwtParser = null;
+        } else {
+            if (requireAudience != null) {
+                jwtParserBuilder = jwtParserBuilder.require("aud", requireAudience);
+            }
 
-        if (requireIssuer != null) {
-            jwtParserBuilder = jwtParserBuilder.require("iss", requireIssuer);
-        }
+            if (requireIssuer != null) {
+                jwtParserBuilder = jwtParserBuilder.require("iss", requireIssuer);
+            }
 
-        if (jwtParserBuilder != null) {
             jwtParser = jwtParserBuilder.build();
-        } else {
-            jwtParser = null;
         }
     }